GoFuckYourself.com - Adult Webmaster Forum

possible NATS exploit? (https://gfy.com/showthread.php?t=630821)

jimthefiend 07-08-2006 06:35 AM

PS, on that lame little support forum for that shitty little trade script you have, there are several posts discussing errors of a similar nature, AND displaying similar information. IE. paths, etc.



Does that mean that POS you spam has an exploit?

LMA0

darksoul 07-08-2006 06:35 AM

Quote:

Originally Posted by Nathan
Again, sorry that I made you mad... kinda sad how easy it is to get you mad though...

Fact is I prepared a bunch of servers for nats and I know how clueless you are
about servers and when you tell me I dont understand a mysql error yea it gets me mad

Quote:

(in case we have not already in our latest version)
you are so cocky!
but thanks, I've wasted enough time on it.

darksoul 07-08-2006 06:37 AM

Quote:

Originally Posted by jimthefiend
Because I have a working knowledge of php and sql. Considering what you do, I'm shocked as hell you're making such a big deal out of this. Every fucking script I know of displays at least SOME path info in error messages when there are DB issues. There are also 50 million ways to find that info out even without an error.

Your motivations in this are more than a little suspect.

You don't dictate ANYTHING to me, btw.

Dude! I didn't say no script has them.
It just gives too much information and I don't call that an "intelligent error"

darksoul 07-08-2006 06:39 AM

Quote:

Originally Posted by jimthefiend
PS, on that lame little support forum for that shitty little trade script you have, there are several posts discussing errors of a similar nature, AND displaying similar information. IE. paths, etc.



Does that mean that POS you spam has an exploit?

LMA0

yup, it has a shit load of bugs.
I coded it in two hours but it won't give away any substantial info if let's say it would be hacked.
Can nats say the same if someone hacks them?

Nathan 07-08-2006 06:40 AM

Quote:

Originally Posted by darksoul
Fact is I prepared a bunch of servers for nats and I know how clueless you are
about servers and when you tell me I dont understand a mysql error yea it gets me mad



you are so cocky!
but thanks, I've wasted enough time on it.

LOL, you are funny... I'm curious how _I_ am "clueless" about servers.. not sure how you base this on the fact that you prepared servers for nats before, but thats ok... I'd like to know what you think makes us (as in Too Much Media, yes, this is not a one-man-show, we actually have an office and employees and such) "clueless" about servers... I'm seriously interested in that btw, I like to learn...

and I'm not cocky, I'm just good at what I do.. well.. and I'm german, so my english might not be perfect...

jimthefiend 07-08-2006 06:41 AM

Quote:

Originally Posted by darksoul
Dude! I didn't say no script has them.
It just gives too much information and I don't call that an "intelligent error"


Dude, seriously. How is it NOT intelligent?



NATS has found a problem

DB Error: Can't open file: 'accounts.MYI'. (errno: 145)

/usr/home/natsinstall/nats/includes/database.php:430



That gives you the db name, error code, file that's making the call and on what LINE of code the call is being made from.


I just don't get you. lol

I don't see how that could be more clear.
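
Added example (not part of any post in this thread, and not NATS code): a Python check that flags the kinds of detail visible in the error quoted above (absolute path, source file and line, storage file name, errno) in a response body, and splits an error into a reference-only public message plus a full log line. The pattern set, the function names and the reference-id scheme are assumptions made for illustration.

```python
import re
import uuid

# The error text quoted in the post above, used as sample input.
SAMPLE = """NATS has found a problem

DB Error: Can't open file: 'accounts.MYI'. (errno: 145)

/usr/home/natsinstall/nats/includes/database.php:430"""

# Illustrative patterns (an assumption, not an exhaustive list) for details
# that help map a server's layout when shown to an unauthenticated visitor.
LEAK_PATTERNS = {
    # Absolute filesystem path to a script; the lookbehind skips URL paths.
    "absolute_path": re.compile(
        r"(?<![\w.:/])/(?:[\w.-]+/)+[\w.-]+\.(?:php|inc|pl|py|rb)\b"),
    # "file.ext:NNN" style source location.
    "source_line": re.compile(r"[\w.-]+\.(?:php|inc|pl|py|rb):\d+\b"),
    # Quoted MySQL table file names (MyISAM / InnoDB extensions).
    "storage_file": re.compile(r"'[\w-]+\.(?:MYI|MYD|frm|ibd)'"),
    # Storage-engine error number.
    "db_errno": re.compile(r"\(errno: \d+\)"),
}


def find_leaks(text):
    """Return {category: [matched strings]} for every pattern that hits."""
    hits = {}
    for name, pattern in LEAK_PATTERNS.items():
        found = pattern.findall(text)
        if found:
            hits[name] = found
    return hits


def split_error(detail):
    """Split one error into what the visitor sees and what the log keeps.

    Returns (ref, public_text, log_line). The visitor gets only a random
    reference id; the operator finds the full detail in the log by that id.
    """
    ref = uuid.uuid4().hex[:12]
    public_text = f"A database error occurred. Reference: {ref}"
    flat = " | ".join(l.strip() for l in detail.splitlines() if l.strip())
    return ref, public_text, f"ref={ref} detail={flat}"


if __name__ == "__main__":
    for category, found in find_leaks(SAMPLE).items():
        print(f"{category}: {found}")
    ref, public_text, log_line = split_error(SAMPLE)
    print(public_text)
    print(log_line)
```

Run against a site's error pages, `find_leaks` returning a non-empty result means the page still shows visitors what only the log should hold.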

Nathan 07-08-2006 06:43 AM

Quote:

Originally Posted by darksoul
yup, it has a shit load of bugs.
I coded it in two hours but it won't give away any substantial info if let's say it would be hacked.
Can nats say the same if someone hacks them?

Dude, you give away quite a bit of substantial info, its called SOURCE CODE and its available for the whole damn script of yours...

darksoul 07-08-2006 06:48 AM

Quote:

Originally Posted by Nathan
LOL, you are funny... I'm curious how _I_ am "clueless" about servers.. not sure how you base this on the fact that you prepared servers for nats before, but thats ok... I'd like to know what you think makes us (as in Too Much Media, yes, this is not a one-man-show, we actually have an office and employees and such) "clueless" about servers... I'm seriously interested in that btw, I like to learn...

and I'm not cocky, I'm just good at what I do.. well.. and I'm german, so my english might not be perfect...


If you are so good at what you do, do you know how "least privileges" principle
works?
And if yes, why don't you apply it?
Why does nats give access to the entire database to the user that's supposed
to fetch only user and passwords?

(and I have nothing with too much media, this is between you and me cause you started the shit not your company)

darksoul 07-08-2006 06:49 AM

Quote:

Originally Posted by Nathan
Dude, you give away quite a bit of substantial info, its called SOURCE CODE and its available for the whole damn script of yours...

its called open source, lol
I dont need to hide my code behind encoders

Nathan 07-08-2006 06:54 AM

Quote:

Originally Posted by darksoul
If you are so good at what you do, do you know how "least privileges" principle
works?
And if yes, why don't you apply it?
Why does nats give access to the entire database to the user that's supposed
to fetch only user and passwords?

(and I have nothing with too much media, this is between you and me cause you started the shit not your company)

Yeah, I do.. emm.. and we do not dictate what our clients use in terms of database privileges.. btw, if you think "least privileges" principle is so great, WHY THE FUCK do you tell your axscripts clients to set fucking templates and templates_c to mode 777?!? how is that LEAST PRIVILEGES?!

Seriously, people in a glass house should not throw with stones, you are looking stupid here.

Also, NATS has no single user that only fetches user and password... if you mean SPARTA setups with NATS, we actually tell our clients specifically which tables we need select and which we need update/insert privileges on...
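
Added example (not part of any post in this thread, and not taken from NATS or its install instructions): a Python audit of `SHOW GRANTS` output against a per-table allow-list, covering both points argued above, a lookup account with database-wide access and an account limited to named tables with SELECT or INSERT/UPDATE. The account name, host, database name `appdb`, table names and the policy are all constructed placeholders.

```python
import re

# Matches one line of MySQL SHOW GRANTS output.
GRANT_RE = re.compile(
    r"^GRANT (?P<privs>.+?) ON (?P<db>\S+?)\.(?P<tbl>\S+) TO "
    r"'(?P<user>[^']*)'@'(?P<host>[^']*)'(?P<rest>.*)$"
)

# Constructed policy: the only privileges the lookup account needs, per table.
POLICY = {"members": {"SELECT"}, "member_log": {"INSERT", "UPDATE"}}

# Constructed SHOW GRANTS output for a hypothetical 'auth_reader' account.
BROAD = [
    "GRANT USAGE ON *.* TO 'auth_reader'@'10.0.0.5'",
    "GRANT ALL PRIVILEGES ON `appdb`.* TO 'auth_reader'@'10.0.0.5'",
]
SCOPED = [
    "GRANT USAGE ON *.* TO 'auth_reader'@'10.0.0.5'",
    "GRANT SELECT ON `appdb`.`members` TO 'auth_reader'@'10.0.0.5'",
    "GRANT INSERT, UPDATE ON `appdb`.`member_log` TO 'auth_reader'@'10.0.0.5'",
]


def audit_grants(lines, database, policy):
    """Return [(scope, [excess privileges])] for grants beyond the policy."""
    findings = []
    for line in lines:
        m = GRANT_RE.match(line.strip())
        if not m:
            continue
        # Drop column lists such as "SELECT (a, b)" before splitting on commas.
        raw = re.sub(r"\([^)]*\)", "", m["privs"])
        privs = {p.strip().upper() for p in raw.split(",")}
        privs.discard("USAGE")  # USAGE means "no privileges"
        if "GRANT OPTION" in m["rest"].upper():
            privs.add("GRANT OPTION")
        if not privs:
            continue
        db, tbl = m["db"].strip("`"), m["tbl"].strip("`")
        if tbl == "*":
            # Global or database-wide scope: nothing in a per-table policy
            # can justify it, so every privilege counts as excess.
            findings.append((f"{db}.*", sorted(privs)))
            continue
        allowed = policy.get(tbl, set()) if db == database else set()
        excess = privs - allowed
        if excess:
            findings.append((f"{db}.{tbl}", sorted(excess)))
    return findings


if __name__ == "__main__":
    print("broad :", audit_grants(BROAD, "appdb", POLICY))
    print("scoped:", audit_grants(SCOPED, "appdb", POLICY))
```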

Nathan 07-08-2006 06:55 AM

Quote:

Originally Posted by darksoul
its called open source, lol
I dont need to hide my code behind encoders

Interesting, LOL... don't twist shit around man, you said you give out no information that could be used to exploit your scripts.. all I have said is that this is actually absolutely false, you give out _ALL_ information possible to help exploit it.

darksoul 07-08-2006 06:59 AM

Quote:

Originally Posted by Nathan
Yeah, I do.. emm.. and we do not dictate what our clients use in terms of database privileges.. btw, if you think "least privileges" principle is so great, WHY THE FUCK do you tell your axscripts clients to set fucking templates and templates_c to mode 777?!? how is that LEAST PRIVILEGES?!

Seriously, people in a glass house should not throw with stones, you are looking stupid here.

Also, NATS has no single user that only fetches user and password... if you mean SPARTA setups with NATS, we actually tell our clients specifically which tables we need select and which we need update/insert privileges on...


Dude, you do the install for your customers you should be setting what privileges to use.
And don't try to pick on my script because you can't compare them.

You are trying to defend a paid script that deals with valuable company
data by comparing it with a free link exchange script?
That's a bit lame don't you think?

ClubAdultDesign 07-08-2006 06:59 AM

looks like we have some straight hackers around here. </sarcasm>

darksoul 07-08-2006 07:00 AM

Quote:

Originally Posted by Nathan
Interesting, LOL... don't twist shit around man, you said you give out no information that could be used to exploit your scripts.. all I have said is that this is actually absolutely false, you give out _ALL_ information possible to help exploit it.


Can you point me to where I said I dont give bla bla bla ?
Are you making stuff up now ?
C'mon you gotta find something better

Nathan 07-08-2006 07:05 AM

Quote:

Originally Posted by darksoul
Dude, you do the install for your customers you should be setting what privileges to use.
And don't try to pick on my script because you can't compare them.

You are trying to defend a paid script that deals with valuable company
data by comparing it with a free link exchange script?
That's a bit lame don't you think?

I am comparing it with a script that someone that claims he knows a lot about stuff wrote and obviously is (as that person stated himself) full of bugs and problems. The fact that it is free just means that it might get installed on MORE servers and thus making MORE systems vulnerable.. These systems might very well include sensitive information.

Did you yourself not just a few minutes ago state that:

Quote:

You are supposed to take security seriously and not this fuck it attitude.
Make up your mind...

And, we install for our customers, we do NOT prepare the servers, our customers do that... for a very good reason, we are not their host.

Nathan 07-08-2006 07:06 AM

Quote:

Originally Posted by darksoul
Can you point me to where I said I dont give bla bla bla ?
Are you making stuff up now ?
C'mon you gotta find something better

Uhm

Quote:

Originally Posted by darksoul
I coded it in two hours but it won't give away any substantial info if let's say it would be hacked.

Right there... Where do you think people will look first if they want to hack a script thats called "axslinks"? Probably the page that comes up as result 1 on google: http://www.axscripts.com/axslinks/ ... and oh look, it has the source!

spacedog 07-08-2006 07:09 AM

Quote:

Originally Posted by Nathan
what other programs do not work right now? I only know of this one problem with panchodog.


Seems one program discovered this "little problem", then shortly thereafter yet another had the same "problem" now today I wake up & seems all the little birds had some chats at the grapevine & this "little problem" is spreading, yet affecting several others all of a sudden, like kids trying something new with their christmas toys.

darksoul 07-08-2006 07:09 AM

Quote:

Originally Posted by Nathan
I am comparing it with a script that someone that claims he knows a lot about stuff wrote and obviously is (as that person stated himself) full of bugs and problems. The fact that it is free just means that it might get installed on MORE servers and thus making MORE systems vulnerable.. These systems might very well include sensitive information.

I can assure you that there's no vulnerability that allows server entrance in that script.
You're free to prove me wrong at any time, and it will be easy for you to do
since it's open source.

Quote:

Did you yourself not just a few minutes ago state that:
Make up your mind...

And, we install for our customers, we do NOT prepare the servers, our customers do that... for a very good reason, we are not their host.
I think the mysql user settings comes from your install instructions ?
whats got to do with the host ?

darksoul 07-08-2006 07:11 AM

Quote:

Originally Posted by Nathan
google: http://www.axscripts.com/axslinks/ ... and oh look, it has the source!

so you're saying open source is bad ?
you're so full of it

Nathan 07-08-2006 07:11 AM

Quote:

Originally Posted by spacedog
Seems one program discovered this "little problem", then shortly thereafter yet another had the same "problem" now today I wake up & seems all the little birds had some chats at the grapevine & this "little problem" is spreading, yet affecting several others all of a sudden, like kids trying something new with their christmas toys.

Oh my god.. dude.. you've been told in your own thread already that you have no clue man... its a fucking MYSQL ERROR... god, accept it, its not a damn exploit, there is no exploit.. mysql crashes now and then... at the number of clients we have, its normal that you notice some having mysql problems now and then.. post in the mysql forums and complain about it..

darksoul 07-08-2006 07:12 AM

Quote:

Originally Posted by spacedog
Seems one program discovered this "little problem", then shortly thereafter yet another had the same "problem" now today I wake up & seems all the little birds had some chats at the grapevine & this "little problem" is spreading, yet affecting several others all of a sudden, like kids trying something new with their christmas toys.

wtf are you talking about dude.
nats is the shiat
all this is customers fault.
I bet all this servers talked to each other and said lets crash mysql.

Nathan 07-08-2006 07:12 AM

Quote:

Originally Posted by darksoul
I can assure you that there's no vulnerability that allows server entrance in that script.
You're free to prove me wrong at any time, and it will be easy for you to do
since it's open source.



I think the mysql user settings comes from your install instructions ?
whats got to do with the host ?

Last time I checked, there is no such instructions in terms of mysql user settings other than the main user that NATS uses and yeah, that user needs to actually have full access to the tables in the nats db. obviously.

Pimpin_J 07-08-2006 07:14 AM

Quote:

Originally Posted by Nathan
there is no exploit..

...and santa is still alive and kickin :thumbsup

Don't claim things you can't prove! :warning

Nathan 07-08-2006 07:14 AM

Quote:

Originally Posted by darksoul
so you're saying open source is bad ?
you're so full of it

WTF, where do I say open source is bad?! Man, get your facts straight dude...

Quote:

Originally Posted by darksoul
wtf are you talking about dude.
nats is the shiat
all this is customers fault.
I bet all this servers talked to each other and said lets crash mysql.

For a moment there, I actually thought you had a clue, that you actually knew things and thats why you got pissed at me... but man, you obviously do not...

The only damn site that has a problem is panchodog, their fucking accounts table crashed, it happens, it's not our fault, it's not an exploit, it's not even POSSIBLE to exploit it, even IF it was then it would be a MYSQL exploit..

Don't feed the clueless people man, I thought you were more intelligent than that...

I was wrong.

darksoul 07-08-2006 07:15 AM

Quote:

Originally Posted by Pimpin_J
...and santa is still alive and kickin :thumbsup

Don't claim things you can't prove! :warning

what he meant is that theres no exploit he's aware of :)

Nathan 07-08-2006 07:15 AM

Quote:

Originally Posted by Pimpin_J
...and santa is still alive and kickin :thumbsup

Don't claim things you can't prove! :warning

Ah yes, you are so correct.. sorry..

"there is no known exploit" is what I meant...and I also meant this:
"_this_ is not an exploit"

There, happy?

Pimpin_J 07-08-2006 07:17 AM

I hope everyone got it finally that this error isn't any kind of exploit lol, but don't claim to say there's no exploit for nats! Sooner or later you will see that you were wrong. Just a matter of time...sadly :(

Nathan 07-08-2006 07:17 AM

Quote:

Originally Posted by darksoul
what he meant is that theres no exploit he's aware of :)

darksoul, take this seriously please..

This is an honest friendly advice: Do not bundle smarty with axscripts, especially not because you let people edit templates via the admin...

darksoul 07-08-2006 07:18 AM

Quote:

Originally Posted by Nathan
WTF, where do I say open source is bad?! Man, get your facts straight dude...

For a moment there, I actually thought you had a clue, that you actually knew things and thats why you got pissed at me... but man, you obviously do not...

The only damn site that has a problem is panchodog, their fucking accounts table crashed, it happens, it's not our fault, it's not an exploit, it's not even POSSIBLE to exploit it, even IF it was then it would be a MYSQL exploit..

Don't feed the clueless people man, I thought you were more intelligent than that...

I was wrong.


what the fuck are you talking about dude ?
I didn't say those crashes are from an exploit, although have you considered
that maybe nats would have something to do with it and find ways to improve it ?
Isn't it a bit weird that it happens so often ? Have you investigated the problems and decided it's just a usual crash ?
Or you just come in here and blindly defend your product, cause that's your job ? (my guess)

And shit, how could I be smarter than you, god forbid, I just coded a shitty script and I gave away all the source

Nathan 07-08-2006 07:19 AM

Quote:

Originally Posted by Pimpin_J
I hope everyone got it finally that this error isn't any kind of exploit lol, but don't claim to say there's no exploit for nats! Sooner or later you will see that you were wrong. Just a matter of time...sadly :(

Yes, sad but true, all software is exploitable, its just a matter of time until someone finds a way to do so... the goal with security of any software company must be that they can fix the exploits that arise as fast as possible...

spacedog 07-08-2006 07:20 AM

Quote:

Originally Posted by Nathan
Oh my god.. dude.. you've been told in your own thread already that you have no clue man... its a fucking MYSQL ERROR... god, accept it, its not a damn exploit, there is no exploit.. mysql crashes now and then... at the number of clients we have, its normal that you notice some having mysql problems now and then.. post in the mysql forums and complain about it..

Did I fucking say it was a fucking exploit!! Did I fucking say ANYTHING about any fucking exploit!!

My own thread?? :1orglaugh I did NOT make or post any damn thread about no friggen exploits . ( I may have replied about the sponsor having issues or problems, yes.. but I did not say anything about no fucking exploits)

I just find it fucking strange that at least 5 sponsors are all having the EXACT SAME ERROR in the same fucking 24 hour period. Fucking dumbass.. Go back to school & take fucking classes in reading comprehension.

Nathan 07-08-2006 07:23 AM

Quote:

Originally Posted by darksoul
what the fuck are you talking about dude ?
I didn't say those crashes are from an exploit, although have you considered
that maybe nats would have something to do with it and find ways to improve it ?
Isn't it a bit weird that it happens so often ? Have you investigated the problems and decided it's just a usual crash ?
Or you just come in here and blindly defend your product, cause that's your job ? (my guess)

And shit, how could I be smarter than you, god forbid, I just coded a shitty script and I gave away all the source

No, it is not weird that it happens so often. The mysql errors that get posted on GFY either simply are from the fact that MYSQL failed to start after a reboot, MYSQL itself crashed totally, the external MYSQL server the client uses has a problem or a table crashed... Not ONCE was NATS involved in any of those mysql errors posted here, NATS was simply informing of it.

And yes, we investigated the problems, obviously. We do that constantly each day, we have 5 people working here that do nothing other than that, helping out our clients with problems and questions they have.

And before some idiot says "damn, NATS has so many problems that you need 5 people?", no.. NATS does not have so many problems, we have so many clients...

Nathan 07-08-2006 07:25 AM

Quote:

Originally Posted by spacedog
Did I fucking say it was a fucking exploit!! Did I fucking say ANYTHING about any fucking exploit!!

My own thread?? :1orglaugh I did NOT make or post any damn thread about no friggen exploits . ( I may have replied about the sponsor having issues or problems, yes.. but I did not say anything about no fucking exploits)

I just find it fucking strange that at least 5 sponsors are all having the EXACT SAME ERROR in the same fucking 24 hour period. Fucking dumbass.. Go back to school & take fucking classes in reading comprehension.

Do tell me those 5 sponsors... The errors I have seen on GFY in the past 24 hours relating to NATS were (as far as I remember) 3 different errors. Maybe just 2, but I think 3...

And sorry, I meant post, not thread...

spacedog 07-08-2006 07:26 AM

Quote:

Originally Posted by Nathan
The only damn site that has a problem is panchodog, their fucking accounts table crashed, it happens, .


I thought you knew your clients?



You even replied to my poetic comments making it clear that you were aware of others having this issue..


hmm..
In last 24 hours... "MySql" error

Wildcash
Hodough
Panchodog
MayorsMoney
NaughtyAmerica

Nathan 07-08-2006 07:37 AM

Wildcash: their mysql server was down for a short period of time (external server)
Hodough: honestly not sure there, I will have to look if they even asked us for help with that.
panchodog: accounts table is broken
mayorsmoney: same as hodough, not sure what was up there
naughtyamerica: not even a client of ours

JFK 07-08-2006 07:39 AM

Quote:

Originally Posted by spacedog
Seems one program discovered this "little problem", then shortly thereafter yet another had the same "problem" now today I wake up & seems all the little birds had some chats at the grapevine & this "little problem" is spreading, yet affecting several others all of a sudden, like kids trying something new with their christmas toys.

:1orglaugh :1orglaugh Nice:thumbsup

Kimo 07-08-2006 07:41 AM

way too much drama in this thread

darksoul 07-08-2006 07:46 AM

btw,
can you explain how the mysql on panchodog crashed ?
because using their uptime info looks the server is up for 50+
days, and under normal circumstances mysql doesn't just crash a table.

The Ghost 07-08-2006 08:19 AM

This thread is fascinating. I think there's like 300+ sponsors that use Nats. There's the possibility at any given time at least 4 of them have some kind of issues. It's just how it is with SO many configurations and 1% is a styling percentage. And a good number of those probably have nothing to do with TMM :2 cents:

I do like good mudslinging though, and for reasons not made clear this seems more personal than anything else. Promote http://islanddollars.com while you enjoy the show.

darksoul 07-08-2006 08:23 AM

Quote:

Originally Posted by The Ghost

I do like good mudslinging though, and for reasons not made clear this seems more personal than anything else.

it was good, wasn't it ? :)


sorry Nathan for name calling, you're right I get mad too quick sometimes


All times are GMT -7. The time now is 08:27 AM.
